Oval Definition:	oval:org.opensuse.security:def:5600
Revision Date: 2020-12-02 Version: 1 Title: Security update for python (Important) Description: This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916) Family: unix Class: patch Status: Reference(s): 1013708 1013712 1013893 1015171 1046303 1048942 1051510 1065600 1071995 1078248 1082635 1083647 1089644 1090888 1091041 1104427 1108043 1113722 1114279 1115026 1117169 1120853 1127371 1131107 1138039 1140948 1142095 1143706 1143959 1144333 1146519 1146544 1149448 1150466 1151548 1151900 1152631 1152782 1153628 1153681 1153811 1154043 1154058 1154124 1154355 1154526 1154956 1155021 1155331 1155334 1155689 1155692 1155836 1155897 1155921 1156187 1156258 1156259 1156429 1156462 1156466 1156471 1156494 1156609 1156700 1156729 1156882 1157038 1157042 1157070 1157143 1157145 1157158 1157162 1157169 1157171 1157173 1157178 1157180 1157182 1157183 1157184 1157191 1157193 1157197 1157298 1157303 1157307 1157324 1157333 1157424 1157463 1157499 1157678 1157698 1157778 1157853 1157908 1158049 1158063 1158064 1158065 1158066 1158067 1158068 1158082 1158094 1158132 1158381 1158394 1158398 1158407 1158410 1158413 1158417 1158427 1158445 1158533 1158637 1158638 1158639 1158640 1158641 1158643 1158644 1158645 1158646 1158647 1158649 1158651 1158652 1158823 1158824 1158827 1158834 1158893 1158900 1158903 1158904 1158954 1159024 1159297 1176262 CVE-2004-0801 CVE-2008-5984 CVE-2009-0163 CVE-2009-0688 CVE-2009-2820 CVE-2009-3553 CVE-2009-4492 CVE-2010-0393 CVE-2010-0540 CVE-2010-0541 CVE-2010-0542 CVE-2010-1748 CVE-2010-2494 CVE-2010-2941 CVE-2010-4267 CVE-2011-0421 CVE-2011-1004 CVE-2011-1005 CVE-2011-2697 CVE-2011-2722 CVE-2011-3389 CVE-2011-4815 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2012-1162 CVE-2012-1163 CVE-2012-2737 CVE-2012-5468 CVE-2012-5519 CVE-2012-6094 CVE-2013-1752 CVE-2013-1983 CVE-2013-4238 CVE-2013-4325 CVE-2013-6402 CVE-2013-6427 CVE-2013-7447 CVE-2014-2667 CVE-2014-2856 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2014-3537 CVE-2014-4650 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 CVE-2015-2331 CVE-2015-2806 CVE-2015-3622 CVE-2016-4008 CVE-2016-6318 CVE-2016-6354 CVE-2016-6855 CVE-2016-9797 CVE-2016-9798 CVE-2016-9802 CVE-2016-9917 CVE-2019-14895 CVE-2019-14901 CVE-2019-15213 CVE-2019-15916 CVE-2019-16231 CVE-2019-17055 CVE-2019-18660 CVE-2019-18683 CVE-2019-18805 CVE-2019-18808 CVE-2019-18809 CVE-2019-19049 CVE-2019-19051 CVE-2019-19052 CVE-2019-19056 CVE-2019-19057 CVE-2019-19058 CVE-2019-19060 CVE-2019-19062 CVE-2019-19063 CVE-2019-19065 CVE-2019-19066 CVE-2019-19067 CVE-2019-19068 CVE-2019-19073 CVE-2019-19074 CVE-2019-19075 CVE-2019-19077 CVE-2019-19227 CVE-2019-19332 CVE-2019-19338 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19526 CVE-2019-19527 CVE-2019-19528 CVE-2019-19529 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-19543 CVE-2019-19767 CVE-2019-20916 SUSE-SU-2019:1353-1 SUSE-SU-2019:3381-1 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-setuptools-1.1.7-7.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information openssh-6.6p1-13.1 is installed OR openssh-askpass-gnome-6.6p1-13.3 is installed OR openssh-helpers-6.6p1-13.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND bogofilter-1.2.4-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_51-52_39-default-4-2.2 is installed OR kgraft-patch-3_12_51-52_39-xen-4-2.2 is installed OR kgraft-patch-SLE12_Update_11-4-2.2 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-102.1 is installed OR libopenssl0_9_8-0.9.8j-102.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND ctdb-4.10.5+git.129.35f7bb6e177-1 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information audiofile-0.3.6-11.3 is installed OR libaudiofile1-0.3.6-11.3 is installed OR libaudiofile1-32bit-0.3.6-11.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information cups154-1.5.4-2 is installed OR cups154-client-1.5.4-2 is installed OR cups154-filters-1.5.4-2 is installed OR cups154-libs-1.5.4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-requests-2.8.1-6.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9.1 is installed OR gcc5-5.3.1+r233831-9.1 is installed OR gcc5-32bit-5.3.1+r233831-9.1 is installed OR gcc5-ada-5.3.1+r233831-9.1 is installed OR gcc5-ada-32bit-5.3.1+r233831-9.1 is installed OR gcc5-c++-5.3.1+r233831-9.1 is installed OR gcc5-c++-32bit-5.3.1+r233831-9.1 is installed OR gcc5-fortran-5.3.1+r233831-9.1 is installed OR gcc5-fortran-32bit-5.3.1+r233831-9.1 is installed OR gcc5-info-5.3.1+r233831-9.1 is installed OR gcc5-locale-5.3.1+r233831-9.1 is installed OR libada5-5.3.1+r233831-9.1 is installed OR libada5-32bit-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed OR libffi-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.5.0-5 is installed OR nodejs4-devel-4.5.0-5 is installed OR nodejs4-docs-4.5.0-5 is installed OR npm4-4.5.0-5 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information gnome-screensaver-2.24.0-14.27.1 is installed OR gnome-screensaver-lang-2.24.0-14.27.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND MozillaFirefox-10.0.7-0.3.1 is installed OR MozillaFirefox-branding-SLED-7-0.6.7.80 is installed OR MozillaFirefox-translations-10.0.7-0.3.1 is installed OR libfreebl3-3.13.6-0.5.1 is installed OR libfreebl3-32bit-3.13.6-0.5.1 is installed OR libfreebl3-x86-3.13.6-0.5.1 is installed OR mozilla-nspr-4.9.2-0.6.1 is installed OR mozilla-nspr-32bit-4.9.2-0.6.1 is installed OR mozilla-nspr-x86-4.9.2-0.6.1 is installed OR mozilla-nss-3.13.6-0.5.1 is installed OR mozilla-nss-32bit-3.13.6-0.5.1 is installed OR mozilla-nss-tools-3.13.6-0.5.1 is installed OR mozilla-nss-x86-3.13.6-0.5.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND MozillaFirefox-10.0.7-0.3.1 is installed OR MozillaFirefox-branding-SLED-7-0.6.7.80 is installed OR MozillaFirefox-translations-10.0.7-0.3.1 is installed OR libfreebl3-3.13.6-0.5.1 is installed OR libfreebl3-32bit-3.13.6-0.5.1 is installed OR libfreebl3-x86-3.13.6-0.5.1 is installed OR mozilla-nspr-4.9.2-0.6.1 is installed OR mozilla-nspr-32bit-4.9.2-0.6.1 is installed OR mozilla-nspr-x86-4.9.2-0.6.1 is installed OR mozilla-nss-3.13.6-0.5.1 is installed OR mozilla-nss-32bit-3.13.6-0.5.1 is installed OR mozilla-nss-tools-3.13.6-0.5.1 is installed OR mozilla-nss-x86-3.13.6-0.5.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information apache2-2.2.12-1.28.1 is installed OR apache2-doc-2.2.12-1.28.1 is installed OR apache2-example-pages-2.2.12-1.28.1 is installed OR apache2-prefork-2.2.12-1.28.1 is installed OR apache2-utils-2.2.12-1.28.1 is installed OR apache2-worker-2.2.12-1.28.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND amavisd-new-2.7.0-18.7.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND clamav-0.98.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.48.1 is installed OR kernel-default-base-3.12.74-60.64.48.1 is installed OR kernel-default-devel-3.12.74-60.64.48.1 is installed OR kernel-default-man-3.12.74-60.64.48.1 is installed OR kernel-devel-3.12.74-60.64.48.1 is installed OR kernel-macros-3.12.74-60.64.48.1 is installed OR kernel-source-3.12.74-60.64.48.1 is installed OR kernel-syms-3.12.74-60.64.48.1 is installed OR kernel-xen-3.12.74-60.64.48.1 is installed OR kernel-xen-base-3.12.74-60.64.48.1 is installed OR kernel-xen-devel-3.12.74-60.64.48.1 is installed OR kgraft-patch-3_12_74-60_64_48-default-1-2.1 is installed OR kgraft-patch-3_12_74-60_64_48-xen-1-2.1 is installed OR kgraft-patch-SLE12-SP1_Update_17-1-2.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.50-28.2 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.50-28.2 is installed OR java-1_7_1-ibm-devel-1.7.1_sr3.50-28.2 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.50-28.2 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.50-28.2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information libxml2-2.9.1-26.15 is installed OR libxml2-2-2.9.1-26.15 is installed OR libxml2-2-32bit-2.9.1-26.15 is installed OR libxml2-doc-2.9.1-26.15 is installed OR libxml2-tools-2.9.1-26.15 is installed OR python-libxml2-2.9.1-26.15 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND apache2-mod_security2-2.7.1-0.2.14.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information apache2-2.2.12-1.46.1 is installed OR apache2-devel-2.2.12-1.46.1 is installed OR apache2-doc-2.2.12-1.46.1 is installed OR apache2-example-pages-2.2.12-1.46.1 is installed OR apache2-prefork-2.2.12-1.46.1 is installed OR apache2-utils-2.2.12-1.46.1 is installed OR apache2-worker-2.2.12-1.46.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information lighttpd-1.4.20-2.54.1 is installed OR lighttpd-mod_cml-1.4.20-2.54.1 is installed OR lighttpd-mod_magnet-1.4.20-2.54.1 is installed OR lighttpd-mod_mysql_vhost-1.4.20-2.54.1 is installed OR lighttpd-mod_rrdtool-1.4.20-2.54.1 is installed OR lighttpd-mod_trigger_b4_dl-1.4.20-2.54.1 is installed OR lighttpd-mod_webdav-1.4.20-2.54.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND dbus-1-glib-devel-0.100.2-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND automake-1.13.4-4 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information bsh2-2.0.0.b5-3 is installed OR bsh2-classgen-2.0.0.b5-3 is installed OR bsh2-javadoc-2.0.0.b5-3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.406-1 is installed OR flash-player-gnome-11.2.202.406-1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND lcms-1.19-17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information bluez-5.48-5.16 is installed OR bluez-cups-5.48-5.16 is installed
BACK